public function display($id = null, $name = null, $page = null, $pid = null)
{
// Antispam feature
require $this->feather->forum_env['FEATHER_ROOT'] . 'featherbb/lang/' . $this->feather->user->language . '/antispam.php';
$index_questions = rand(0, count($lang_antispam_questions) - 1);
// Fetch some informations about the topic
$cur_topic = $this->model->get_info_topic($id);
// Sort out who the moderators are and if we are currently a moderator (or an admin)
$mods_array = $cur_topic['moderators'] != '' ? unserialize($cur_topic['moderators']) : array();
$is_admmod = $this->feather->user->g_id == $this->feather->forum_env['FEATHER_ADMIN'] || $this->feather->user->g_moderator == '1' && array_key_exists($this->feather->user->username, $mods_array) ? true : false;
if ($is_admmod) {
$admin_ids = Utils::get_admin_ids();
}
// Can we or can we not post replies?
$post_link = $this->model->get_post_link($id, $cur_topic['closed'], $cur_topic['post_replies'], $is_admmod);
// Add/update this topic in our list of tracked topics
if (!$this->feather->user->is_guest) {
$tracked_topics = Track::get_tracked_topics();
$tracked_topics['topics'][$id] = time();
Track::set_tracked_topics($tracked_topics);
}
// Determine the post offset (based on $_GET['p'])
$num_pages = ceil(($cur_topic['num_replies'] + 1) / $this->feather->user->disp_posts);
$p = !isset($page) || $page <= 1 || $page > $num_pages ? 1 : intval($page);
$start_from = $this->feather->user->disp_posts * ($p - 1);
$url_topic = Url::url_friendly($cur_topic['subject']);
$url_forum = Url::url_friendly($cur_topic['forum_name']);
// Generate paging links
$paging_links = '<span class="pages-label">' . __('Pages') . ' </span>' . Url::paginate($num_pages, $p, 'topic/' . $id . '/' . $url_topic . '/#');
if ($this->feather->forum_settings['o_censoring'] == '1') {
$cur_topic['subject'] = Utils::censor($cur_topic['subject']);
}
$quickpost = $this->model->is_quickpost($cur_topic['post_replies'], $cur_topic['closed'], $is_admmod);
$subscraction = $this->model->get_subscraction($cur_topic['is_subscribed'], $id);
$lang_bbeditor = array('btnBold' => __('btnBold'), 'btnItalic' => __('btnItalic'), 'btnUnderline' => __('btnUnderline'), 'btnColor' => __('btnColor'), 'btnLeft' => __('btnLeft'), 'btnRight' => __('btnRight'), 'btnJustify' => __('btnJustify'), 'btnCenter' => __('btnCenter'), 'btnLink' => __('btnLink'), 'btnPicture' => __('btnPicture'), 'btnList' => __('btnList'), 'btnQuote' => __('btnQuote'), 'btnCode' => __('btnCode'), 'promptImage' => __('promptImage'), 'promptUrl' => __('promptUrl'), 'promptQuote' => __('promptQuote'));
$this->feather->template->addAsset('canonical', $this->feather->urlFor('Forum', ['id' => $id, 'name' => $url_forum]));
if ($num_pages > 1) {
if ($p > 1) {
$this->feather->template->addAsset('prev', $this->feather->urlFor('ForumPaginate', ['id' => $id, 'name' => $url_forum, 'page' => intval($p - 1)]));
}
if ($p < $num_pages) {
$this->feather->template->addAsset('next', $this->feather->urlFor('ForumPaginate', ['id' => $id, 'name' => $url_forum, 'page' => intval($p + 1)]));
}
}
if ($this->feather->forum_settings['o_feed_type'] == '1') {
$this->feather->template->addAsset('feed', 'extern.php?action=feed&fid=' . $id . '&type=rss', array('title' => __('RSS forum feed')));
} elseif ($this->feather->forum_settings['o_feed_type'] == '2') {
$this->feather->template->addAsset('feed', 'extern.php?action=feed&fid=' . $id . '&type=atom', array('title' => __('Atom forum feed')));
}
$this->feather->template->setPageInfo(array('title' => array(Utils::escape($this->feather->forum_settings['o_board_title']), Utils::escape($cur_topic['forum_name']), Utils::escape($cur_topic['subject'])), 'active_page' => 'Topic', 'page_number' => $p, 'paging_links' => $paging_links, 'is_indexed' => true, 'id' => $id, 'pid' => $pid, 'tid' => $id, 'fid' => $cur_topic['forum_id'], 'post_data' => $this->model->print_posts($id, $start_from, $cur_topic, $is_admmod), 'cur_topic' => $cur_topic, 'subscraction' => $subscraction, 'post_link' => $post_link, 'start_from' => $start_from, 'lang_antispam' => $lang_antispam, 'quickpost' => $quickpost, 'index_questions' => $index_questions, 'lang_antispam_questions' => $lang_antispam_questions, 'lang_bbeditor' => $lang_bbeditor, 'url_forum' => $url_forum, 'url_topic' => $url_topic))->addTemplate('Topic.php')->display();
// Increment "num_views" for topic
$this->model->increment_views($id);
}
public function editpost($id)
{
// Fetch some informations about the post, the topic and the forum
$cur_post = $this->model->get_info_edit($id);
// Sort out who the moderators are and if we are currently a moderator (or an admin)
$mods_array = $cur_post['moderators'] != '' ? unserialize($cur_post['moderators']) : array();
$is_admmod = $this->user->g_id == $this->feather->forum_env['FEATHER_ADMIN'] || $this->user->g_moderator == '1' && array_key_exists($this->user->username, $mods_array) ? true : false;
$can_edit_subject = $id == $cur_post['first_post_id'];
if ($this->config['o_censoring'] == '1') {
$cur_post['subject'] = Utils::censor($cur_post['subject']);
$cur_post['message'] = Utils::censor($cur_post['message']);
}
// Do we have permission to edit this post?
if (($this->user->g_edit_posts == '0' || $cur_post['poster_id'] != $this->user->id || $cur_post['closed'] == '1') && !$is_admmod) {
throw new Error(__('No permission'), 403);
}
if ($is_admmod && $this->user->g_id != $this->feather->forum_env['FEATHER_ADMIN'] && in_array($cur_post['poster_id'], Utils::get_admin_ids())) {
throw new Error(__('No permission'), 403);
}
// Start with a clean slate
$errors = array();
if ($this->feather->request()->isPost()) {
// Let's see if everything went right
$errors = $this->model->check_errors_before_edit($can_edit_subject, $errors);
// Setup some variables before post
$post = $this->model->setup_variables($cur_post, $is_admmod, $can_edit_subject, $errors);
// Did everything go according to plan?
if (empty($errors) && !$this->request->post('preview')) {
// Edit the post
$this->model->edit_post($id, $can_edit_subject, $post, $cur_post, $is_admmod);
Url::redirect($this->feather->urlFor('viewPost', ['pid' => $id]) . '#p' . $id, __('Post redirect'));
}
} else {
$post = '';
}
if ($this->request->post('preview')) {
$preview_message = $this->feather->parser->parse_message($post['message'], $post['hide_smilies']);
} else {
$preview_message = '';
}
$lang_bbeditor = array('btnBold' => __('btnBold'), 'btnItalic' => __('btnItalic'), 'btnUnderline' => __('btnUnderline'), 'btnColor' => __('btnColor'), 'btnLeft' => __('btnLeft'), 'btnRight' => __('btnRight'), 'btnJustify' => __('btnJustify'), 'btnCenter' => __('btnCenter'), 'btnLink' => __('btnLink'), 'btnPicture' => __('btnPicture'), 'btnList' => __('btnList'), 'btnQuote' => __('btnQuote'), 'btnCode' => __('btnCode'), 'promptImage' => __('promptImage'), 'promptUrl' => __('promptUrl'), 'promptQuote' => __('promptQuote'));
$this->feather->template->setPageInfo(array('title' => array(Utils::escape($this->config['o_board_title']), __('Edit post')), 'required_fields' => array('req_subject' => __('Subject'), 'req_message' => __('Message')), 'focus_element' => array('edit', 'req_message'), 'cur_post' => $cur_post, 'errors' => $errors, 'preview_message' => $preview_message, 'id' => $id, 'checkboxes' => $this->model->get_checkboxes($can_edit_subject, $is_admmod, $cur_post, 1), 'can_edit_subject' => $can_edit_subject, 'lang_bbeditor' => $lang_bbeditor, 'post' => $post))->addTemplate('edit.php')->display();
}
public function deletepost($id)
{
// Fetch some informations about the post, the topic and the forum
$cur_post = $this->model->get_info_delete($id);
if ($this->feather->forum_settings['o_censoring'] == '1') {
$cur_post['subject'] = Utils::censor($cur_post['subject']);
}
// Sort out who the moderators are and if we are currently a moderator (or an admin)
$mods_array = $cur_post['moderators'] != '' ? unserialize($cur_post['moderators']) : array();
$is_admmod = $this->feather->user->g_id == $this->feather->forum_env['FEATHER_ADMIN'] || $this->feather->user->g_moderator == '1' && array_key_exists($this->feather->user->username, $mods_array) ? true : false;
$is_topic_post = $id == $cur_post['first_post_id'] ? true : false;
// Do we have permission to edit this post?
if (($this->feather->user->g_delete_posts == '0' || $this->feather->user->g_delete_topics == '0' && $is_topic_post || $cur_post['poster_id'] != $this->feather->user->id || $cur_post['closed'] == '1') && !$is_admmod) {
throw new Error(__('No permission'), 403);
}
if ($is_admmod && $this->feather->user->g_id != $this->feather->forum_env['FEATHER_ADMIN'] && in_array($cur_post['poster_id'], Utils::get_admin_ids())) {
throw new Error(__('No permission'), 403);
}
if ($this->feather->request()->isPost()) {
$this->model->handle_deletion($is_topic_post, $id, $cur_post['tid'], $cur_post['fid']);
}
$cur_post['message'] = $this->feather->parser->parse_message($cur_post['message'], $cur_post['hide_smilies']);
$this->feather->template->setPageInfo(array('title' => array(Utils::escape($this->feather->forum_settings['o_board_title']), __('Delete post')), 'active_page' => 'delete', 'cur_post' => $cur_post, 'id' => $id, 'is_topic_post' => $is_topic_post))->addTemplate('delete.php')->display();
}
public function delete_topics($topics, $fid)
{
$this->hook->fire('delete_topics');
if (@preg_match('%[^0-9,]%', $topics)) {
throw new Error(__('Bad request'), 400);
}
$topics_sql = explode(',', $topics);
// Verify that the topic IDs are valid
$result = DB::for_table('topics')->where_in('id', $topics_sql)->where('forum_id', $fid);
$result = $this->hook->fireDB('delete_topics_verify_id', $result);
$result = $result->find_many();
if (count($result) != substr_count($topics, ',') + 1) {
throw new Error(__('Bad request'), 400);
}
// Verify that the posts are not by admins
if ($this->user->g_id != $this->feather->forum_env['FEATHER_ADMIN']) {
$authorized = DB::for_table('posts')->where_in('topic_id', $topics_sql)->where('poster_id', Utils::get_admin_ids());
$authorized = $this->hook->fireDB('delete_topics_authorized', $authorized);
$authorized = $authorized->find_many();
if ($authorized) {
throw new Error(__('No permission'), 403);
}
}
// Delete the topics
$delete_topics = DB::for_table('topics')->where_in('id', $topics_sql);
$delete_topics = $this->hook->fireDB('delete_topics_query', $delete_topics);
$delete_topics = $delete_topics->delete_many();
// Delete any redirect topics
$delete_redirect_topics = DB::for_table('topics')->where_in('moved_to', $topics_sql);
$delete_redirect_topics = $this->hook->fireDB('delete_topics_redirect', $delete_redirect_topics);
$delete_redirect_topics = $delete_redirect_topics->delete_many();
// Delete any subscriptions
$delete_subscriptions = DB::for_table('topic_subscriptions')->where_in('topic_id', $topics_sql);
$delete_subscriptions = $this->hook->fireDB('delete_topics_subscriptions', $delete_subscriptions);
$delete_subscriptions = $delete_subscriptions->delete_many();
// Create a list of the post IDs in this topic and then strip the search index
$find_ids = DB::for_table('posts')->select('id')->where_in('topic_id', $topics_sql);
$find_ids = $this->hook->fireDB('delete_topics_find_ids', $find_ids);
$find_ids = $find_ids->find_many();
$ids_post = array();
foreach ($find_ids as $id) {
$ids_post[] = $id['id'];
}
$post_ids = implode(', ', $ids_post);
// We have to check that we actually have a list of post IDs since we could be deleting just a redirect topic
if ($post_ids != '') {
$this->search->strip_search_index($post_ids);
}
// Delete posts
$delete_posts = DB::for_table('posts')->where_in('topic_id', $topics_sql);
$delete_posts = $this->hook->fireDB('delete_topics_delete_posts', $delete_posts);
$delete_posts = $delete_posts->delete_many();
Forum::update($fid);
$this->hook->fire('delete_topics');
Url::redirect($this->feather->urlFor('Forum', array('id' => $fid)), __('Delete topics redirect'));
}
public function editpost($req, $res, $args)
{
Container::get('hooks')->fire('controller.post.edit');
// Fetch some informations about the post, the topic and the forum
$cur_post = $this->model->get_info_edit($args['id']);
// Sort out who the moderators are and if we are currently a moderator (or an admin)
$mods_array = $cur_post['moderators'] != '' ? unserialize($cur_post['moderators']) : array();
$is_admmod = User::get()->g_id == ForumEnv::get('FEATHER_ADMIN') || User::get()->g_moderator == '1' && array_key_exists(User::get()->username, $mods_array) ? true : false;
$can_edit_subject = $args['id'] == $cur_post['first_post_id'];
if (ForumSettings::get('o_censoring') == '1') {
$cur_post['subject'] = Utils::censor($cur_post['subject']);
$cur_post['message'] = Utils::censor($cur_post['message']);
}
// Do we have permission to edit this post?
if ((User::get()->g_edit_posts == '0' || $cur_post['poster_id'] != User::get()->id || $cur_post['closed'] == '1') && !$is_admmod) {
throw new Error(__('No permission'), 403);
}
if ($is_admmod && User::get()->g_id != ForumEnv::get('FEATHER_ADMIN') && in_array($cur_post['poster_id'], Utils::get_admin_ids())) {
throw new Error(__('No permission'), 403);
}
// Start with a clean slate
$errors = array();
if (Request::isPost()) {
Container::get('hooks')->fire('controller.post.edit.submit', $args['id']);
// Let's see if everything went right
$errors = $this->model->check_errors_before_edit($can_edit_subject, $errors);
// Setup some variables before post
$post = $this->model->setup_edit_variables($cur_post, $is_admmod, $can_edit_subject, $errors);
// Did everything go according to plan?
if (empty($errors) && !Input::post('preview')) {
Container::get('hooks')->fire('controller.post.edit.valid', $args['id']);
// Edit the post
$this->model->edit_post($args['id'], $can_edit_subject, $post, $cur_post, $is_admmod);
return Router::redirect(Router::pathFor('viewPost', ['pid' => $args['id']]) . '#p' . $args['id'], __('Post redirect'));
}
} else {
$post = '';
}
if (Input::post('preview')) {
$preview_message = Container::get('parser')->parse_message($post['message'], $post['hide_smilies']);
$preview_message = Container::get('hooks')->fire('controller.post.edit.preview', $preview_message);
} else {
$preview_message = '';
}
View::setPageInfo(array('title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Edit post')), 'required_fields' => array('req_subject' => __('Subject'), 'req_message' => __('Message')), 'focus_element' => array('edit', 'req_message'), 'cur_post' => $cur_post, 'errors' => $errors, 'preview_message' => $preview_message, 'id' => $args['id'], 'checkboxes' => $this->model->get_edit_checkboxes($can_edit_subject, $is_admmod, $cur_post, 1), 'can_edit_subject' => $can_edit_subject, 'post' => $post))->addTemplate('edit.php')->display();
}
public function delete_posts($tid, $fid)
{
$posts = Input::post('posts') ? Input::post('posts') : array();
$posts = Container::get('hooks')->fire('model.topic.delete_posts_start', $posts, $tid, $fid);
if (empty($posts)) {
throw new Error(__('No posts selected'), 404);
}
if (Input::post('delete_posts_comply')) {
if (@preg_match('%[^0-9,]%', $posts)) {
throw new Error(__('Bad request'), 400);
}
// Verify that the post IDs are valid
$posts_array = explode(',', $posts);
$result = DB::for_table('posts')->where_in('id', $posts_array)->where('topic_id', $tid);
if (User::get()->g_id != ForumEnv::get('FEATHER_ADMIN')) {
$result->where_not_in('poster_id', Utils::get_admin_ids());
}
$result = Container::get('hooks')->fireDB('model.topic.delete_posts_first_query', $result);
$result = $result->find_many();
if (count($result) != substr_count($posts, ',') + 1) {
throw new Error(__('Bad request'), 400);
}
// Delete the posts
$delete_posts = DB::for_table('posts')->where_in('id', $posts_array);
$delete_posts = Container::get('hooks')->fireDB('model.topic.delete_posts_query', $delete_posts);
$delete_posts = $delete_posts->delete_many();
$search = new \FeatherBB\Core\Search();
$search->strip_search_index($posts);
// Get last_post, last_post_id, and last_poster for the topic after deletion
$last_post['select'] = array('id', 'poster', 'posted');
$last_post = DB::for_table('posts')->select_many($last_post['select'])->where('topic_id', $tid);
$last_post = Container::get('hooks')->fireDB('model.topic.delete_posts_last_post_query', $last_post);
$last_post = $last_post->find_one();
// How many posts did we just delete?
$num_posts_deleted = substr_count($posts, ',') + 1;
// Update the topic
$update_topic['insert'] = array('last_post' => User::get()->id, 'last_post_id' => $last_post['id'], 'last_poster' => $last_post['poster']);
$update_topic = DB::for_table('topics')->where('id', $tid)->find_one()->set($update_topic['insert'])->set_expr('num_replies', 'num_replies-' . $num_posts_deleted);
$update_topic = Container::get('hooks')->fireDB('model.topic.delete_posts_update_topic_query', $update_topic);
$update_topic = $update_topic->save();
Forum::update($fid);
return Router::redirect(Router::pathFor('Topic', array('id' => $tid)), __('Delete posts redirect'));
} else {
$posts = Container::get('hooks')->fire('model.topic.delete_posts', $posts);
return $posts;
}
}
